Public CVE-2005-2416 disclosure

Contrexx before 1.0.5 allows remote attackers to obtain sensitive information via a direct request to /config/version.xml.